Unibot, a widely used platform for deploying chatbot solutions, has reportedly fallen victim to a security breach resulting in the theft of an estimated $600,000 or more in user funds.
On October 31, 2023, Lookonchain, an on-chain analyst, disclosed that a hacker had targeted Unibot, siphoning assets from user wallets. In response to this breach, Lookonchain urgently advised Unibot users to promptly transfer any remaining funds to new wallets and revoke contract approvals to mitigate potential further losses.
Unibot also publicly acknowledged the security breach shortly after Lookonchain’s warning. According to Unibot, the attack was facilitated by a vulnerability in a recently deployed router contract, allowing the hacker to gain control of approved user tokens. In an effort to contain the issue, Unibot temporarily suspended its router, but substantial damage had already been inflicted.
Moreover, Unibot pledged to compensate users who suffered losses due to the “router exploit” and assured the community that their wallet private keys remained secure. Nonetheless, this assurance offered little solace to those who experienced the involuntary drainage of their cryptocurrency assets. Unibot also promised to release a comprehensive report following the conclusion of their investigations.
In the aftermath of these events, Unibot’s governance token, UNIBOT, experienced a sharp decline of over 42%, indicating a substantial loss of confidence among token holders and platform users. As of the most recent market data, UNIBOT is trading at $43.23, a slight recovery from its low of $36.45 but still below its 24-hour high of $58. This incident with Unibot serves as a stark reminder of the importance of safeguarding cryptocurrency assets and maintaining self-custody.